Another top VPN company just pledged to pull its servers out of India

Surfshark logo and interface on a smartphone
(Image credit: Pixabay)

Another of the world's best VPN providers has announced its decision to pull the plug on its Indian servers. 

After ExpressVPN exited India last week, Surfshark has now followed suit, stating that the country's new CERT-In regulations 'go against the core ethos of the company'. 

Expected to come into force on June 27, India's new data retention law will force VPN companies to keep users' data - like IP addresses, real names and usage patterns - for up to five years. They will also be required to hand this information over to authorities upon request. 

Surfshark Head of Legal Gytis Malinauskas said that the company, which operates under a strict no-log policy, is not willing to compromise its values nor its technical base.  

See more

What does this change for Surfshark users in India?

After the new regulations come into effect, Surfshark is set to introduce virtual Indian servers to replace its physical ones in the country, claiming these will be 'functionally identical to physical ones'.

Until then, Surfshark subscribers will be still able to connect to physical servers located in the country as usual. 

Once the virtual servers are available, the provider's users will find those browsing its regular server list. They will have the option to choose to reroute their connection via Singapore or London, while still getting an Indian IP address. The only difference is that the physical server will be located outside the country so that users' data will be secure from Indian authorities' control. 

"Meanwhile, Surfshark will continue to closely monitor the government's attempts to limit internet freedom and encourage discussions intended to persuade the government to hear the arguments of the tech industry," the provider wrote in an official statement

Hand holding a smartphone with VPN logo on screen and the Indian flag on the background

(Image credit: Shutterstock)

What is India's new data retention law?

India's new data retention law doesn't affect only VPNs but also cloud storage services, virtual private servers (VPS), data centers, and cryptocurrency exchanges. An attempt to fight back cybercrime, it has been sparking many concerns across the tech sector and privacy advocate groups. 

Commentators are worried that a country with regressive media freedom - India just dropped to 150th out of 180 countries in the 2022 Reporters Without Borders’ Press Freedom Index - can easily misuse these directives to enforce their grip on the wider public.

At the same time, experts believe that this climate could have a negative impact on the fast-growing India IT sector too. As Future Market Insights Chief Operating Officer Sudip Saha told TechRadar: "Bans on VPNs will primarily hurt corporate interests by acting as a disincentive to investments and doing business in India."

Chiara Castro
Senior Staff Writer

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up. She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to